@@ -213,15 +213,77 @@ static X509 *read_x509(const char *x509_name)
return x509;
}
+struct cmd_opts {
+ char *raw_sig_name;
+ bool save_sig;
+ bool replace_orig;
+ bool raw_sig;
+ bool sign_only;
+#ifndef USE_PKCS7
+ unsigned int use_keyid;
+#endif
+};
+
+static void parse_args(int argc, char **argv, struct cmd_opts *opts)
+{
+ struct option cmd_options[] = {
+ {"rawsig", required_argument, 0, 's'},
+ {"savesig", no_argument, 0, 'p'},
+ {"signonly", no_argument, 0, 'd'},
+#ifndef USE_PKCS7
+ {"usekeyid", no_argument, 0, 'k'},
+#endif
+ {0, 0, 0, 0}
+ };
+
+ int opt;
+ int opt_index = 0;
+
+ do {
+#ifndef USE_PKCS7
+ opt = getopt_long_only(argc, argv, "pds:",
+ cmd_options, &opt_index);
+#else
+ opt = getopt_long_only(argc, argv, "pdks:",
+ cmd_options, &opt_index);
+#endif
+ switch (opt) {
+ case 's':
+ opts->raw_sig = true;
+ opts->raw_sig_name = optarg;
+ break;
+
+ case 'p':
+ opts->save_sig = true;
+ break;
+
+ case 'd':
+ opts->sign_only = true;
+ opts->save_sig = true;
+ break;
+
+#ifndef USE_PKCS7
+ case 'k':
+ opts->use_keyid = CMS_USE_KEYID;
+ break;
+#endif
+
+ case -1:
+ break;
+
+ default:
+ format();
+ break;
+ }
+ } while (opt != -1);
+}
+
int main(int argc, char **argv)
{
struct module_signature sig_info = { .id_type = PKEY_ID_PKCS7 };
char *hash_algo = NULL;
- char *private_key_name = NULL, *raw_sig_name = NULL;
+ char *private_key_name = NULL;
char *x509_name, *module_name, *dest_name;
- bool save_sig = false, replace_orig;
- bool sign_only = false;
- bool raw_sig = false;
unsigned char buf[4096];
unsigned long module_size, sig_size;
unsigned int use_signed_attrs;
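Review bot: The `#ifndef USE_PKCS7` guard around the `getopt_long_only()` call in `parse_args()` looks inverted. The CMS build, which is the one that has `case 'k'` and the `usekeyid` long option, gets the optstring `"pds:"`, while the PKCS7 build gets `"pdks:"` and has no `case 'k'`. The short `-k` that the old `"sdpk"` string accepted is therefore no longer in the CMS build's optstring, so signing scripts that pass `-k` to select `CMS_USE_KEYID` would get the usage error instead of a signature. Swapping the two strings fixes it: `opt = getopt_long_only(argc, argv, "pdks:", cmd_options, &opt_index);` under `#ifndef USE_PKCS7` and `"pds:"` under `#else`. The body of main() continues outside this hunk.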
@@ -229,13 +291,14 @@ int main(int argc, char **argv)
EVP_PKEY *private_key;
#ifndef USE_PKCS7
CMS_ContentInfo *cms = NULL;
- unsigned int use_keyid = 0;
#else
PKCS7 *pkcs7 = NULL;
#endif
X509 *x509;
BIO *bd, *bm;
- int opt, n;
+ int n;
+ struct cmd_opts opts = {};
+
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
ERR_clear_error();
@@ -247,23 +310,19 @@ int main(int argc, char **argv)
#else
use_signed_attrs = PKCS7_NOATTR;
#endif
+ parse_args(argc, argv, &opts);
+ argc -= optind;
+ argv += optind;
- do {
- opt = getopt(argc, argv, "sdpk");
- switch (opt) {
- case 's': raw_sig = true; break;
- case 'p': save_sig = true; break;
- case 'd': sign_only = true; save_sig = true; break;
+ const char *raw_sig_name = opts.raw_sig_name;
+ const bool save_sig = opts.save_sig;
+ const bool raw_sig = opts.raw_sig;
+ const bool sign_only = opts.sign_only;
+ bool replace_orig = opts.replace_orig;
#ifndef USE_PKCS7
- case 'k': use_keyid = CMS_USE_KEYID; break;
+ const unsigned int use_keyid = opts.use_keyid;
#endif
- case -1: break;
- default: format();
- }
- } while (opt != -1);
- argc -= optind;
- argv += optind;
if (argc < 4 || argc > 5)
format();
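Review bot: `-s` changes from a bare flag (old `"sdpk"`) to an option that takes an argument (`"s:"`, `required_argument`), but the positional check `if (argc < 4 || argc > 5)` below the new locals is unchanged and the commit description does not mention the change. An existing caller that passes `-s` followed by the raw signature as the first positional now has that path consumed as `optarg`, leaving one positional fewer. Whether the rest of main() still reads the signature name from `argv[0]` is outside this hunk, so please confirm that the count check and the later `raw_sig` branch agree with the new layout. Otherwise keep the old interface with `{"rawsig", no_argument, 0, 's'}` and no colon in the optstring. Separately, `opts.replace_orig` is copied into `replace_orig` here but `parse_args()` never sets it, so the field looks like it can be dropped from `struct cmd_opts`.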
- getopt_long_only allows long names for options, so use it here to make the app easier to use. - Use easier-to-remember command line argument names - Introduce cmd_opts structure to ease the handling of command line args Signed-off-by: Shreenidhi Shedi <yesshedi@gmail.com> --- scripts/sign-file.c | 97 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 78 insertions(+), 19 deletions(-)